VPN > Settings
SonicOS Enhanced 4.0 Administrator Guide
Prior to the invention of Internet Protocol Security (IPsec) and Secure Socket Layer (SSL),
secure connections between remote computers or networks required a dedicated line or
satellite link. This was both inflexible and expensive.
A VPN creates a connection with similar reliability and security by establishing a secure tunnel
through the Internet. Because this tunnel is not a physical connection, it is more flexible: you
can change it at any time to add more nodes, change the nodes, or remove it altogether. It is
also far less costly, because it uses the existing Internet infrastructure.
VPN Types
There are two main types of VPN in popular use today:
• IPsec VPN: IPsec is a set of protocols for security at the packet processing layer of network
communication. An advantage of IPsec is that security arrangements can be handled
without requiring changes to individual user computers. SonicOS supports the creation and
management of IPsec VPNs.
IPsec provides two choices of security service: Authentication Header (AH), which
essentially allows authentication of the sender of data, and Encapsulating Security Payload
(ESP), which supports both authentication of the sender and encryption of data as well. The
specific information associated with each of these services is inserted into the packet in a
header that follows the IP packet header.
• SSL VPN: Secure Socket Layer (SSL) is a protocol for managing the security of a message
transmission on the Internet, usually by HTTPS. SSL uses a program layer located between
the Internet's Hypertext Transfer Protocol (HTTP) and Transmission Control Protocol (TCP)
layers. SSL uses the public-and-private key encryption system from RSA, which also
includes the use of a digital certificate. An SSL VPN uses SSL to secure the VPN tunnel.
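The AH and ESP headers described under IPsec VPN sit directly after the IP header (and any IP options), which is what lets a capture tool or firewall rule tell the two services apart. The following is an added example, not part of the SonicOS guide: the function names, sample addresses, SPI values, and packets are constructed for illustration, and only the header layouts and protocol numbers (50 for ESP, 51 for AH) come from the IPsec standards.

```python
import struct

# IANA IP protocol numbers for the two IPsec services
IPPROTO_ESP, IPPROTO_AH = 50, 51

def classify_ipsec(packet: bytes) -> dict:
    """Report which IPsec header, if any, follows the IPv4 header."""
    if len(packet) < 20:
        raise ValueError("shorter than a minimal IPv4 header")
    version, ihl = packet[0] >> 4, (packet[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("malformed IPv4 header")
    proto = packet[9]
    body = packet[ihl:]  # skip IP options: the IPsec header starts after them
    if proto == IPPROTO_AH:
        if len(body) < 12:
            raise ValueError("truncated AH header")
        next_hdr, plen, _rsv, spi, seq = struct.unpack("!BBHII", body[:12])
        ah_len = (plen + 2) * 4  # length field is in 32-bit words, minus 2
        if ah_len < 12 or len(body) < ah_len:
            raise ValueError("AH length field exceeds packet")
        # AH authenticates only, so the inner protocol is readable in clear
        return {"service": "AH", "spi": spi, "seq": seq,
                "inner_protocol": next_hdr, "icv_len": ah_len - 12}
    if proto == IPPROTO_ESP:
        if len(body) < 8:
            raise ValueError("truncated ESP header")
        spi, seq = struct.unpack("!II", body[:8])
        # ESP keeps its next-header field in the trailer, which is normally
        # encrypted, so the inner protocol is not visible on the wire
        return {"service": "ESP", "spi": spi, "seq": seq,
                "inner_protocol": None, "icv_len": None}
    return {"service": None, "spi": None, "seq": None,
            "inner_protocol": None, "icv_len": None}

def build_ipv4(proto: int, payload: bytes, options: bytes = b"") -> bytes:
    """Constructed sample packet (documentation addresses, checksum left 0)."""
    ihl = 5 + len(options) // 4
    hdr = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0,
                      ihl * 4 + len(payload), 0, 0, 64, proto, 0,
                      bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1]))
    return hdr + options + payload

if __name__ == "__main__":
    ah = struct.pack("!BBHII", 6, 4, 0, 0x1000, 1) + b"\xaa" * 12 + b"tcp..."
    esp = struct.pack("!II", 0x2000, 7) + b"\x00" * 16
    print(classify_ipsec(build_ipv4(IPPROTO_AH, ah)))
    print(classify_ipsec(build_ipv4(IPPROTO_ESP, esp, options=b"\x01" * 4)))
```

The SPI and sequence number are readable for both services, which is useful when matching captured traffic against the security associations a gateway reports.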